CVE-2004-0962 — Apple Remote Desktop vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

1.8%

top 17.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Remote Desktop

Timeline

PublishedFeb 9

Latest updateApr 29

Description

Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switching.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/apple_remote_desktop2.0.0

🔴Vulnerability Details

GHSA

GHSA-8pw7-pwq3-fqh7: Apple Remote Desktop Client 1↗2022-04-29

▶

CVEList

CVE-2004-0962: Apple Remote Desktop Client 1↗2004-10-28

▶